#!/usr/bin/python3
# 获取Docker官方仓库crt证书
# Py 3.10.11
# By gas

import ssl
import socket

HOST = "index.docker.io"
PORT = 443
crtPath = f"/etc/ssl/certs/{HOST}.crt"

# 获取证书
c = ssl.create_default_context()
with socket.create_connection((HOST, PORT)) as s:
    with c.wrap_socket(s, server_hostname=HOST) as ss:
        crt = ssl.DER_cert_to_PEM_cert(ss.getpeercert(True))
# 保存文件
with open(crtPath, "a") as f:
    f.write(crt)
f.close()
